<?php

    session_start();

    include ('../includes/config.php');

    include ('../includes/authenticate.php');
    
    include ('../includes/database.php');

    if (strcmp($_GET["action"], "add")== 0 ) {
        $sql = "INSERT INTO events VALUES (NULL, '" .
		$_POST["name"] .
		"', '" . $_POST["place"] .
		"', '" . $_POST["date"] .
		"', '" . $_POST["excerpt"] .
		"', '" . $_POST["description"] . "' )";

	if (mysql_query($sql)) {
            header("location:" . $__config["base_url"] . "administrator/events.php");
	}
	else {
		die("Error: " . mysql_error());
	}
    } 
    else if (strcmp($_GET["action"], "edit")== 0) {
        $sql = "UPDATE events SET " . 
                "name       = '" . $_POST["name"] . "', ".
                "place      = '" . $_POST["place"] . "', ".
                "date       = '" . $_POST["date"] . "', ".
                "excerpt    = '" . $_POST["excerpt"] . "', ".
                "description= '" . $_POST["description"] . "'" . 
                " WHERE id = " . $_POST["id"] . ";";
     if(mysql_query($sql)){
         header("location:" . $__config["base_url"] . "administrator/events.php");
     }
     else {
         die ("sql = \"" . $sql . "\"; Error: " . mysql_error());
     }
    
   }
                 
?>
